1 /* Shared library add-on to iptables to add CLUSTERIP target support. 2 * (C) 2003 by Harald Welte <laforge (at) gnumonks.org> 3 * 4 * Development of this code was funded by SuSE AG, http://www.suse.com/ 5 */ 6 #include <stdbool.h> 7 #include <stdio.h> 8 #include <string.h> 9 #include <stdlib.h> 10 #include <getopt.h> 11 #include <stddef.h> 12 13 #if defined(__GLIBC__) && __GLIBC__ == 2 14 #include <net/ethernet.h> 15 #else 16 #include <linux/if_ether.h> 17 #endif 18 19 #include <xtables.h> 20 #include <linux/netfilter_ipv4/ipt_CLUSTERIP.h> 21 22 enum { 23 O_NEW = 0, 24 O_HASHMODE, 25 O_CLUSTERMAC, 26 O_TOTAL_NODES, 27 O_LOCAL_NODE, 28 O_HASH_INIT, 29 F_NEW = 1 << O_NEW, 30 F_HASHMODE = 1 << O_HASHMODE, 31 F_CLUSTERMAC = 1 << O_CLUSTERMAC, 32 F_TOTAL_NODES = 1 << O_TOTAL_NODES, 33 F_LOCAL_NODE = 1 << O_LOCAL_NODE, 34 F_FULL = F_NEW | F_HASHMODE | F_CLUSTERMAC | 35 F_TOTAL_NODES | F_LOCAL_NODE, 36 }; 37 38 static void CLUSTERIP_help(void) 39 { 40 printf( 41 "CLUSTERIP target options:\n" 42 " --new Create a new ClusterIP\n" 43 " --hashmode <mode> Specify hashing mode\n" 44 " sourceip\n" 45 " sourceip-sourceport\n" 46 " sourceip-sourceport-destport\n" 47 " --clustermac <mac> Set clusterIP MAC address\n" 48 " --total-nodes <num> Set number of total nodes in cluster\n" 49 " --local-node <num> Set the local node number\n" 50 " --hash-init <num> Set init value of the Jenkins hash\n"); 51 } 52 53 #define s struct ipt_clusterip_tgt_info 54 static const struct xt_option_entry CLUSTERIP_opts[] = { 55 {.name = "new", .id = O_NEW, .type = XTTYPE_NONE}, 56 {.name = "hashmode", .id = O_HASHMODE, .type = XTTYPE_STRING, 57 .also = O_NEW}, 58 {.name = "clustermac", .id = O_CLUSTERMAC, .type = XTTYPE_ETHERMAC, 59 .also = O_NEW, .flags = XTOPT_PUT, XTOPT_POINTER(s, clustermac)}, 60 {.name = "total-nodes", .id = O_TOTAL_NODES, .type = XTTYPE_UINT16, 61 .flags = XTOPT_PUT, XTOPT_POINTER(s, num_total_nodes), 62 .also = O_NEW, .max = CLUSTERIP_MAX_NODES}, 63 {.name = "local-node", .id = O_LOCAL_NODE, .type = XTTYPE_UINT16, 64 .flags = XTOPT_PUT, XTOPT_POINTER(s, local_nodes[0]), 65 .also = O_NEW, .max = CLUSTERIP_MAX_NODES}, 66 {.name = "hash-init", .id = O_HASH_INIT, .type = XTTYPE_UINT32, 67 .flags = XTOPT_PUT, XTOPT_POINTER(s, hash_initval), 68 .also = O_NEW, .max = UINT_MAX}, 69 XTOPT_TABLEEND, 70 }; 71 #undef s 72 73 static void CLUSTERIP_parse(struct xt_option_call *cb) 74 { 75 struct ipt_clusterip_tgt_info *cipinfo = cb->data; 76 77 xtables_option_parse(cb); 78 switch (cb->entry->id) { 79 case O_NEW: 80 cipinfo->flags |= CLUSTERIP_FLAG_NEW; 81 break; 82 case O_HASHMODE: 83 if (strcmp(cb->arg, "sourceip") == 0) 84 cipinfo->hash_mode = CLUSTERIP_HASHMODE_SIP; 85 else if (strcmp(cb->arg, "sourceip-sourceport") == 0) 86 cipinfo->hash_mode = CLUSTERIP_HASHMODE_SIP_SPT; 87 else if (strcmp(cb->arg, "sourceip-sourceport-destport") == 0) 88 cipinfo->hash_mode = CLUSTERIP_HASHMODE_SIP_SPT_DPT; 89 else 90 xtables_error(PARAMETER_PROBLEM, "Unknown hashmode \"%s\"\n", 91 cb->arg); 92 break; 93 case O_CLUSTERMAC: 94 if (!(cipinfo->clustermac[0] & 0x01)) 95 xtables_error(PARAMETER_PROBLEM, "MAC has to be a multicast ethernet address\n"); 96 break; 97 case O_LOCAL_NODE: 98 cipinfo->num_local_nodes = 1; 99 break; 100 } 101 } 102 103 static void CLUSTERIP_check(struct xt_fcheck_call *cb) 104 { 105 if (cb->xflags == 0) 106 return; 107 if ((cb->xflags & F_FULL) == F_FULL) 108 return; 109 110 xtables_error(PARAMETER_PROBLEM, "CLUSTERIP target: Invalid parameter combination\n"); 111 } 112 113 static const char *hashmode2str(enum clusterip_hashmode mode) 114 { 115 const char *retstr; 116 switch (mode) { 117 case CLUSTERIP_HASHMODE_SIP: 118 retstr = "sourceip"; 119 break; 120 case CLUSTERIP_HASHMODE_SIP_SPT: 121 retstr = "sourceip-sourceport"; 122 break; 123 case CLUSTERIP_HASHMODE_SIP_SPT_DPT: 124 retstr = "sourceip-sourceport-destport"; 125 break; 126 default: 127 retstr = "unknown-error"; 128 break; 129 } 130 return retstr; 131 } 132 133 static const char *mac2str(const uint8_t mac[ETH_ALEN]) 134 { 135 static char buf[ETH_ALEN*3]; 136 sprintf(buf, "%02X:%02X:%02X:%02X:%02X:%02X", 137 mac[0], mac[1], mac[2], mac[3], mac[4], mac[5]); 138 return buf; 139 } 140 141 static void CLUSTERIP_print(const void *ip, 142 const struct xt_entry_target *target, int numeric) 143 { 144 const struct ipt_clusterip_tgt_info *cipinfo = 145 (const struct ipt_clusterip_tgt_info *)target->data; 146 147 if (!(cipinfo->flags & CLUSTERIP_FLAG_NEW)) { 148 printf(" CLUSTERIP"); 149 return; 150 } 151 152 printf(" CLUSTERIP hashmode=%s clustermac=%s total_nodes=%u local_node=%u hash_init=%u", 153 hashmode2str(cipinfo->hash_mode), 154 mac2str(cipinfo->clustermac), 155 cipinfo->num_total_nodes, 156 cipinfo->local_nodes[0], 157 cipinfo->hash_initval); 158 } 159 160 static void CLUSTERIP_save(const void *ip, const struct xt_entry_target *target) 161 { 162 const struct ipt_clusterip_tgt_info *cipinfo = 163 (const struct ipt_clusterip_tgt_info *)target->data; 164 165 /* if this is not a new entry, we don't need to save target 166 * parameters */ 167 if (!(cipinfo->flags & CLUSTERIP_FLAG_NEW)) 168 return; 169 170 printf(" --new --hashmode %s --clustermac %s --total-nodes %d --local-node %d --hash-init %u", 171 hashmode2str(cipinfo->hash_mode), 172 mac2str(cipinfo->clustermac), 173 cipinfo->num_total_nodes, 174 cipinfo->local_nodes[0], 175 cipinfo->hash_initval); 176 } 177 178 static struct xtables_target clusterip_tg_reg = { 179 .name = "CLUSTERIP", 180 .version = XTABLES_VERSION, 181 .family = NFPROTO_IPV4, 182 .size = XT_ALIGN(sizeof(struct ipt_clusterip_tgt_info)), 183 .userspacesize = offsetof(struct ipt_clusterip_tgt_info, config), 184 .help = CLUSTERIP_help, 185 .x6_parse = CLUSTERIP_parse, 186 .x6_fcheck = CLUSTERIP_check, 187 .print = CLUSTERIP_print, 188 .save = CLUSTERIP_save, 189 .x6_options = CLUSTERIP_opts, 190 }; 191 192 void _init(void) 193 { 194 xtables_register_target(&clusterip_tg_reg); 195 } 196
